OWASP Application Security Verification Standard (ASVS)

Providers of web application security verification services can take wildly different approaches and levels of rigor, ranging from using simple search tools to performing painstaking code review and manual testing. This process also typically involves searching for and only reporting vulnerabilities, but does not necessarily comment on what good security practices were found.
All of these problems have a single root cause: the lack of a standard for performing application-level security verification that can be used for any application without special interpretation. The OWASP Application Security Verification Standard (ASVS) was designed to normalize the range in coverage, level of rigor, and reporting requirements available in the market when it comes to performing application security verification.
By the end of this presentation, you will understand how OWASP ASVS defines:

Levels of application-level security verification that increase in breadth and depth as one moves up the levels,